Signature Detail
Short Name |
FTP:SERVU:LIST-OVERFLOW |
|---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
FTP |
Keywords |
Serv-U LIST -l Command Buffer Overflow |
Release Date |
2004/07/28 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
FTP: Serv-U LIST -l Command Buffer Overflow
This signature detects attempts to exploit a known vulnerability against a Serv-U FTP server. Attackers can submit a maliciously crafted LIST command to the server and execute arbitrary code.
Extended Description
Reportedly Serv-U is affected by a remote buffer overflow vulnerability in the list parameter. This issue is due to a failure of the application to properly validate buffer boundaries during processing of user input. Successful exploitation would immediately produce a denial of service condition in the affected process. This issue may also be leveraged to execute code on the affected system with the privileges of the user that invoked the vulnerable application, although this has not been confirmed.
Affected Products
- Rhino Software Serv-U 3.0.0
- Rhino Software Serv-U 3.1.0
- Rhino Software Serv-U 4.0.0 .0.4
- Rhino Software Serv-U 4.1.0
- Rhino Software Serv-U 4.1.0 .0.11
- Rhino Software Serv-U 4.2.0
- Rhino Software Serv-U 5.0.0 .0.4
References
- BugTraq: 10181
- CVE: CVE-1999-0349
- CVE: CVE-2004-1992
- URL: http://www.securiteam.com/windowsntfocus/5ZP0G2KCKA.html
- URL: http://www.serv-u.com/